So far we have laid more stress on the pre-exploitation phase in which we tried out various techniques and exploits to compromise our target. In this chapter, we will lay stress on the post-exploitation phase—what we can do after we have exploited the target machine. Metasploit provides a very powerful post-exploitation tool named meterpreter that provides us with many features that can ease our task of exploring the target machine. We have already seen the use of meterpreter and post-exploitation in the previous chapter of antivirus bypass. In this chapter, we will understand in detail about meterpreter and how to use it as a potential tool for the post-exploitation phase.

We have been using payloads in order to achieve specific results but they have a major disadvantage. Payloads work by creating new processes in the compromised system. This can trigger alarms in the antivirus programs and can be caught easily. Also, a payload is limited to perform only some specific tasks...